General
-
Target
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
-
Size
168KB
-
Sample
240409-kjmbbaag86
-
MD5
635310bf9fce382320b3ee8716a1424f
-
SHA1
e80ec55bfb60d8629d887e07f925adcc09edd301
-
SHA256
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b
-
SHA512
7889bb91634d2dbaa7c5eb70314f7d80590fc770cb31e178c547f38a0ccccd6c297d831b687589126316ea80d8a237ccd6afc4e0b41b8103b0ad9c6575a6cd88
-
SSDEEP
3072:8PSi28gcKeX9BCxDFwlcgPifbAIBXYM2bkzBe/B+NJP8vWQcY1EKk5WcTM:B8gSsFwdPCfBXY1Ke/gNN8vWQcY1EKkM
Behavioral task
behavioral1
Sample
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
Resource
debian12-armhf-20240221-en
Behavioral task
behavioral2
Sample
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
Resource
debian12-mipsel-20240221-en
Behavioral task
behavioral3
Sample
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
Resource
debian9-armhf-20240226-en
Behavioral task
behavioral4
Sample
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
Resource
debian9-mipsbe-20240226-en
Behavioral task
behavioral5
Sample
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
Resource
debian9-mipsel-20240226-en
Behavioral task
behavioral6
Sample
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
Resource
ubuntu1804-amd64-20240226-en
Behavioral task
behavioral7
Sample
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
Resource
ubuntu2004-amd64-20240221-en
Malware Config
Extracted
gafgyt
239.255.255.250:1900
Targets
-
-
Target
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b.elf
-
Size
168KB
-
MD5
635310bf9fce382320b3ee8716a1424f
-
SHA1
e80ec55bfb60d8629d887e07f925adcc09edd301
-
SHA256
4470dffdf485099a7ebbe92b3e8d1db1ff14d8b2c39e3aabaa69c8122e86b91b
-
SHA512
7889bb91634d2dbaa7c5eb70314f7d80590fc770cb31e178c547f38a0ccccd6c297d831b687589126316ea80d8a237ccd6afc4e0b41b8103b0ad9c6575a6cd88
-
SSDEEP
3072:8PSi28gcKeX9BCxDFwlcgPifbAIBXYM2bkzBe/B+NJP8vWQcY1EKk5WcTM:B8gSsFwdPCfBXY1Ke/gNN8vWQcY1EKkM
Score7/10-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-